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Amendments to the Claims: 

The following listing of claims replaces all prior versions, and listings, of claims in the 
present application. Please add claim 13. Please cancel claims 2, 4, 5, 11, and 12. Please amend 
claims 1 and 10 as follows: 

Listing of the Claims: 

1. (currently amended) A method fnr o ffoctmg controlled allowing a user to tempor arily 
gain access to a privileged account on a computer system to perform a maintenance task, the 
method being a replacement for a conventional switch user command, comprising: 

receiving a switch user command login into an account with a user id and an account 
name as an argument ; 

retrieving a list of privileged account names; 

determining whether the account name is in a list of privileged account names and 
a llowing access to the account diverting the user to the conventio nal switch user command 
prompt if the account name is not in the privileged account list; otherwise,, 

determining whether the user id is in a li s t of us e r ids belongs to a privileged group 
located in a grout? list on the computer system having permission to access privileged accounts; 

denying access to privileged accounts and notifying the ma nager if the user id does not 
belong to the privileged group, otherwise, 

allowing access to the account if the user id is in the list of user ids having permission to 
access privileg e d accounts ; 

prompting for a reason for accessing the account; 

recording a reason for accessing the account; 

notifying a manager by email of the access of the privileged account of the switch user 
login along with the name of a first log file ; 

recording keystrokes in [[a]] the first log file while logged into the account; 
recording keystrokes in a duplicate log file while logged into the account ; 
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determining whether the first log file was tampered with and, if so, recording that the first 
log file was tampered with in the duplicate log file and transmitting the duplicate log file to the 
manager; 

terminating the switch user login; 

and notifying the manager by email of the privileged account of the switch user login 
termination. 

2. (cancelled) 

3. (original) A method in accordance with claim 1 further comprising: denying write 
permission to the log file after the step of terminating the login. 

4. (cancelled) 

5. (cancelled) 

6. (original) A method in accordance with claim 1 further comprising: transmitting the 
log file to the account manager. 

7. (original) A method in accordance with claim 1 further comprising: receiving a 
password in order to access the privileged account; determining whether the password associated 
with the user id matches the entered password; and permitting access only if the password 
associated with the user id matches the entered password. 

8. (original) A method in accordance with claim 1 further comprising: notifying the 
manager of the privileged account if the login is not successful 

9. (original) A method in accordance with claim 1 further comprising: compressing the 
log file after terminating the login. 
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10, (currently amended) A method in accordance with claim 1 further comprising: 
re cording keystrokes while accessing the account in a duplicate log file; deleting the duplicate 
log file responsive to a determination that the log file has not been tampered with. 

11, (cancelled) 

12, (cancelled) 

13, (new) A method for allowing a user to temporarily gain access to a privileged 
account on a computer system to perform a maintenance task, the method being a replacement 
for a conventional switch user command, comprising: 

receiving a switch user command login with a user id and an account name as an 
argument; 

retrieving a list of privileged account names; 

determining whether the account name is in a list of privileged account names and 
diverting the user to the conventional switch user command prompt if the account name is not in 
the privileged account list; otherwise, 

determining whether the user id is in a list of user ids having permission to access 
privileged accounts and allowing access to the account if the user id is in the list of user ids 
having permission to access privileged accounts; 

prompting for a reason for accessing the account; 

recording a reason for accessing the account; 

notifying a manager of the privileged account of the login; 

recording keystrokes in a log file while logged into the account; 

terminating the login; 

and notifying the manager of the privileged account of the login termination. 



Page 4 of 1 1 



